Personal Health Information Protection Act

Personal Health Information Protection Act
An Ontario Act to establish consistent rules governing the collection, use and disclosure of personal health information in the hands of ’health information custodians‘, such as doctors, hospitals or other health care providers.
Citation S.O. 2004, Chapter 3 Schedule A
Enacted by Legislative Assembly of Ontario
Date assented to 20 May 2004
Date commenced 1 November 2004
Legislative history
Bill Bill 31, Schedule A
Introduced by Ministry of Consumer and Business Services and the Ministry of Health and Long Term Care

The Personal Health Information Protection Act, also known as PHIPA ('pee-hip-ah'), is Ontario legislation established in November 2004. PHIPA is one of two components of the Health Information Protection Act. The Health Information Protection Act, also established in 2004, comprises two schedules: PHIPA (Schedule A) and the Quality of Care Information Protection Act (Schedule B).[1]

PHIPA provides a set of rules for the collection, use and disclosure of personal health information, and includes the following provisions:

History

Application

PHIPA applies to individuals and organizations involved in the delivery of healthcare services. Under the Act, they are referred to as “health information custodians”.

Health information custodians

A health information custodian can be any number of individuals or organizations who have custody or control of personal health information.[3] Some examples of a health information custodian include:

Agents of health information custodians

An “agent” of a health information custodian includes anyone who is authorized by the health information custodian to do anything on behalf of the custodian with respect to personal health information. These actions are for the purposes of the health information custodian and not the agent.[3]

Examples include:

Role of the Information and Privacy Commissioner

The Information and Privacy Commissioner of Ontario (IPC) is appointed by the Legislative Assembly of Ontario and is independent of the government. The IPC is responsible for ensuring that health information custodians comply with the Act.[6] Under PHIPA, the IPC has the power to review and make rulings about complaints.

Complaint Time to File the Complaint
Personal health information has been collected, used or shared contrary to PHIPA Within 1 year
A request to see personal health information has been denied Within 6 months
A request to have personal health information corrected has been denied Within 6 months

When the commissioner receives a complaint, a mediator may be appointed to try to solve the problem. The IPC has various powers to resolve complaints, including the power to order a health information custodian to:

Content

The Act covers the following subjects relating to personal health information in the province of Ontario:

References

  1. 1 2 "Frequently Asked Questions: Personal Health Information Privacy Act" (PDF). Retrieved 14 December 2012.
  2. "Personal Health Personal Health Information Protection Information Protection Act, 2004: Act, 2004: An Overview An Overview" (PDF). Ministry of Health and Long-Term Care. Retrieved 11 December 2012.
  3. 1 2 3 Bearwood, John P.; Kerr, J. Alexis (2004). "Coming soon to a health sector near you: Advance look at the Ontario Personal Health Information Protection Act (PHIPA)". Healthcare quarterly. 7 (4): 62–67.
  4. "Your Health Information: Your Rights" (PDF). Information and Privacy Commissioner of Ontario. Retrieved 10 December 2012.
  5. "Personal Health Information Protection Act, 2004". Service Ontario. Retrieved 11 December 2012.
  6. 1 2 "A Guide to the Personal Health Information Privacy Act" (PDF). Retrieved 11 December 2012.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.